"Doing the right thing is the only way to be sustainable over time"

Posted on Jan 2, 2025

Miguel Fernando Jaimes Abaunza, Chief Legal Officer at Indra for the Andean Region, Southern Cone, Central America, and the Caribbean, discusses how the IT multinational has overcome the legal challenges associated with its global expansion, highlights the company’s innovative strategies, such as the role of the contract manager and the strengthening of its compliance culture.

Tell us a bit about your company, Indra.

Indra is one of the leading global tech and consulting companies and the technology partner of its clients’ key operations worldwide. It is a leading global provider of proprietary solutions in specific segments of the transportation and defense industries. Its business model is based on offering a comprehensive range of proprietary products, an end-to-end approach, high value and a significant innovation component.

Indra belongs to Indra Group, a business holding that promotes technological progress, along with Minsait, a leader in digital transformation and information technology in Spain and Latin America. Sustainability is part of its strategy and culture, so as to respond to present and future social and environmental challenges. At the end of 2023, Indra Group had revenues of €4.34 billion, more than 57,000 employees, a local presence in 46 countries, and commercial operations in more than 140 countries.

What challenges has the legal department faced during Indra’s recent high-growth phase?

At Indra, we are committed to excellence and adaptability in responding to our business environment challenges. Evidence of this is that, as a legal department, we have evolved according to the company’s expansion and growth needs, with strategies that allow us to ensure that our key operations meet goals through steps such as featuring the role of  Contract Manager; a professional who accompanies ‒ under defined functions within the legal, regulatory, and contractual framework ‒ the roject manager or project leader at the contractual and post-contractual execution stage, ensuring that all activities are developed under a clear and effective legal and regulatory framework.

Can you illustrate this with an example?

In the region I cover, the company has more than 300 connected clients and operations in more than 450 projects, thanks to its technological innovation. These projects are key to the development of countries. For example, the company is present in 95% of Colombian air traffic, its technology is present in the control towers of 25 cities and municipalities, and airport control centers such as: El Dorado Airport in Bogotá, José María Córdova Airport in Rionegro and Ernesto Cortissoz Airport in Barranquilla.

Indra is a major supplier of technology for the Túnel de Oriente, one of the longest tunnels in Latin America, which has two control centers, integrated tunnel traffic management, automatic incident detection and electronic tolls.

Additionally, we are driving the digital transformation of telecom and media operators in Colombia. We are technological allies of the three main companies that operate telecommunications services in the country (Claro, Tigo and Telefónica).

For these projects and others we have provided legal support, to commercial, technical and financial teams in state-contracting procedures. This has been crucial in the pre-contractual and contractual phases, ensuring proper and transparent management.

At Indra, responsible business conduct is not just a strategy, but a vision of corporate culture driven by the desire to contribute positively to the development of the countries where we operate

How has Indra’s compliance strategy evolved in recent years?

At Indra, responsible business conduct is not just a strategy, but a vision of corporate culture driven by the desire to contribute positively to the development of the countries where we operate. With this in mind, we have established a motto and basic purpose that we believe in as an organization and that underpins our actions: Doing the right thing.

Doing the right thing is the only way to be sustainable over time. Indra is a local and global reference in digital transformation projects, and this leads us to seek to be better every day, not only from the development of a portfolio of solutions and services, but also from adherence to legality and compliance in each of our actions.

As one of the leading companies in the technology sector, we participate in high-level projects with environmental impact, which are often funded with public resources, and this drives us to guarantee and promote the highest standards of corporate governance, always having transparency, integrity, and professionalism as our central axis.

We have recently renewed the ISO 37001 (or anti-bribery management systems) certification. This is a recognition of the quality and transparency of the system implemented by the company and its effort to prevent and eradicate any illegal behavior.

This commitment to best governance practices has also helped position Indra as the most sustainable company in its sector worldwide, according to the Dow Jones Sustainability World Index and the S&P Global yearbook.

What are the main legal challenges you face in complying with local and international information-security regulations?

One of the main challenges we face at Indra is the rapid evolution of cybersecurity regulations. In a world where regulations are constantly changing, it is essential to ensure that our technological solutions comply with various standards, such as the General Data Protection Regulation (GDPR) in Europe, as well as local regulations in Latin America.

This process involves constant monitoring of current regulations and the ability to adapt quickly to any changes. We are committed to being at the forefront of compliance to ensure information protection and customer trust. At Indra, we believe that facing these challenges with agility is key to continuing to offer innovative and secure solutions in a dynamic environment.

How does Indra’s legal department ensure that compliance standards are met in all these locations?

Today our organizational culture has a robust code of ethics and legal compliance, from which Indra’s criminal risk prevention and competition law risk prevention models are derived, which provide specific guidelines for the development of the functions of each of the company’s professionals, always aiming for transparency, integrity and zero tolerance for irregularities.

Indra’s anti-bribery management system is part of the criminal risk prevention model, which in turn is integrated into Indra’s compliance model and is applied globally. Among its objectives is highlighting the promotion of a compliance and good governance culture that allows preventing any activity that violates laws in its business areas. Indra’s compliance unit is responsible for its implementation and execution globally.

Indra also has various checks and balances that have been implemented with a risk management approach. These are complemented by regular audits and the appointment of compliance officers who have the responsibility to ensure that our standards are effectively applied in all our locations.

What role does the global corporate compliance strategy play in this context?

Indra constantly updates and strengthens its risk management system through its global compliance model. This is accomplished by updating its main internal documents, which are applied in Spain and international subsidiaries.

The company also encourages respect for laws and internal regulations among its professionals and collaborators, to eradicate any type of unethical or irregular behavior, through annual training sessions that are delivered or coordinated by the compliance unit. Furthermore, the use of the direct channel (a confidential communication channel for professionals, collaborators, and third parties with legitimate interest) is encouraged, in order to report any potential irregularity or violation in compliance matters. Likewise, consultations regarding the interpretation and/or application of the code of ethics and legal compliance are permitted.

How does Indra foresee the evolution of compliance in the technology sector in the coming years?

Compliance and risk prevention values are fundamental for any company and must be evident in its institutional structure through the adoption of good governance policies that guarantee effective systems of checks and balances that are constantly updated.

At Indra, we take pride in being leaders in implementing good governance practices and transparency in our daily operations. From decision-making to resource management, we have established clear policies and procedures to ensure transparency and accountability.

Doing things right ‒ regardless of when, where or with whom ‒ is the main motivation at Indra. Adherence to compliance and risk prevention, based on principles and values such as transparency, responsibility and integrity, are inherent elements of our company’s corporate DNA, and I believe it should be that way at all companies.

We are convinced that by continuously strengthening our commitment to compliance, we not only ensure the integrity of our operations but also contribute to a safer and more ethical technological environment in the future.